Nagios Support Forum

I was looking to use the Translate plugin https://www.elastic.co/guide/en/logstas ... slate.html but didn't see it listed in the NLS filesystem (probably because its a community maintained plugin). Maybe theres a different way to accomplish what I'm trying to do.

I have a firewall log that references a number of values (hundreds) in different scenarios. I'd like to be able to do a dictionary lookup on a YAML file formatted like this.
So if "1" replace with ICMP. Whats the best way to do something like that using the installed plugins? Would rather not need to write massive filters to grok replace.

You can install the translate plugin by issuing the following command:
After installing the translate plugin, I imagine you'll have no problem trying to parse out your YAML.

jolson wrote:You can install the translate plugin by issuing the following command:

Code: Select all

/usr/local/nagioslogserver/logstash/bin/logstash install logstash-filter-translate

After installing the translate plugin, I imagine you'll have no problem trying to parse out your YAML.

That helped get me looking in the right direction. I had to run /usr/local/nagioslogserver/logstash/bin/plugin install logstash-filter-translate

Install went fine, thanks!

Oh crud, my bad! I even typed it correctly in my terminal - not sure what I was thinking.

I'm glad you got this working, is there anything else I can help you with?

jolson wrote:Oh crud, my bad! I even typed it correctly in my terminal - not sure what I was thinking.

I'm glad you got this working, is there anything else I can help you with?

At the moment I'm good on this issue. I have other questions that I'll eventually open another thread on as they differ so much from this topic. As always thanks for your help!

Sounds great, I'll close it out.

Jesse